Commit 1b452735 authored by Romain Courteaud's avatar Romain Courteaud

erp5_core: Use SameSite=Lax cookie

SameSite=None breaks the compatibility with some browser versions.
https://www.chromium.org/updates/same-site/incompatible-clients
parent 110d9931
......@@ -21,6 +21,6 @@ resp.setCookie(
path='/',
secure=getattr(portal, 'REQUEST', {}).get('SERVER_URL', '').startswith('https:'),
http_only=True,
same_site='None',
same_site='Lax',
**kw
)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment